zrok/endpoints/proxy/backend.go

102 lines
2.3 KiB
Go
Raw Normal View History

package proxy
2022-07-20 19:18:40 +02:00
import (
"crypto/tls"
"fmt"
"github.com/openziti/sdk-golang/ziti"
2022-08-09 19:57:45 +02:00
"github.com/openziti/sdk-golang/ziti/edge"
"github.com/openziti/zrok/endpoints"
"github.com/openziti/zrok/util"
"github.com/pkg/errors"
2022-08-10 21:16:36 +02:00
"github.com/sirupsen/logrus"
2023-05-25 20:59:39 +02:00
"net/http"
"net/http/httputil"
"net/url"
"time"
)
type BackendConfig struct {
2022-08-10 21:16:36 +02:00
IdentityPath string
EndpointAddress string
2023-01-04 20:42:58 +01:00
ShrToken string
Insecure bool
Requests chan *endpoints.Request
2022-08-10 21:16:36 +02:00
}
2023-04-14 19:09:54 +02:00
type Backend struct {
cfg *BackendConfig
2022-08-09 19:57:45 +02:00
listener edge.Listener
handler http.Handler
}
func NewBackend(cfg *BackendConfig) (*Backend, error) {
options := ziti.ListenOptions{
ConnectTimeout: 5 * time.Minute,
WaitForNEstablishedListeners: 1,
}
2023-05-25 17:50:38 +02:00
zcfg, err := ziti.NewConfigFromFile(cfg.IdentityPath)
if err != nil {
2022-08-09 19:57:45 +02:00
return nil, errors.Wrap(err, "error loading config")
}
2023-05-25 17:50:38 +02:00
zctx, err := ziti.NewContext(zcfg)
if err != nil {
return nil, errors.Wrap(err, "error loading ziti context")
}
listener, err := zctx.ListenWithOptions(cfg.ShrToken, &options)
if err != nil {
2022-08-09 19:57:45 +02:00
return nil, errors.Wrap(err, "error listening")
}
proxy, err := newReverseProxy(cfg)
2022-07-21 21:46:14 +02:00
if err != nil {
2022-08-09 19:57:45 +02:00
return nil, err
}
2022-08-09 19:57:45 +02:00
handler := util.NewProxyHandler(proxy)
2023-04-14 19:09:54 +02:00
return &Backend{
2022-08-18 22:57:38 +02:00
cfg: cfg,
2022-08-09 19:57:45 +02:00
listener: listener,
handler: handler,
}, nil
}
2023-04-14 19:09:54 +02:00
func (b *Backend) Run() error {
if err := http.Serve(b.listener, b.handler); err != nil {
2022-07-21 21:46:14 +02:00
return err
}
2022-07-21 21:46:14 +02:00
return nil
}
2022-08-10 21:16:36 +02:00
func newReverseProxy(cfg *BackendConfig) (*httputil.ReverseProxy, error) {
targetURL, err := url.Parse(cfg.EndpointAddress)
2022-08-10 21:16:36 +02:00
if err != nil {
return nil, err
}
tpt := http.DefaultTransport.(*http.Transport).Clone()
if cfg.Insecure {
tpt.TLSClientConfig = &tls.Config{InsecureSkipVerify: true}
}
2022-08-10 21:16:36 +02:00
proxy := httputil.NewSingleHostReverseProxy(targetURL)
proxy.Transport = tpt
2022-08-10 21:16:36 +02:00
director := proxy.Director
proxy.Director = func(req *http.Request) {
if cfg.Requests != nil {
cfg.Requests <- &endpoints.Request{
2023-01-10 20:52:28 +01:00
Stamp: time.Now(),
RemoteAddr: fmt.Sprintf("%v", req.Header["X-Real-Ip"]),
Method: req.Method,
Path: req.URL.String(),
}
}
2022-08-10 21:16:36 +02:00
director(req)
req.Header.Set("X-Proxy", "zrok")
}
proxy.ErrorHandler = func(w http.ResponseWriter, r *http.Request, err error) {
logrus.Errorf("error proxying: %v", err)
}
return proxy, nil
}